<?php

include_once("Database.inc");

/*
 * Defines the User object.
 */

class User {
	
	public $uid;
	public $username;
	public $password;
	public $accessLevel;
	public $firstName;
	public $surname;
	public $ecno;
	public $shift;
	
	public function showInfo() {
		print 
			"<ul>" .
				"<li>UID: $this->uid</li>" .
				"<li>User Name: $this->username</li>" .
				"<li>Access Level: $this->accessLevel</li>" .
				"<li>First Name: $this->firstName</li>" .
				"<li>Surname: $this->surname</li>" .
				"<li>ECNo: $this->ecno</li>" .
				"<li>Shift: $this->shift</li>" .
			"</ul>";
	}
	
	/*
	 * Obtains an array of all users currently stored in the database.
	 */
	public static function getAllUsers() {
		$users = array();
		
		$query = $GLOBALS["DB"]->doQuery("SELECT UID, USERNAME, PASSWORD, ACCESSLEVEL, FIRSTNAME, ".
											"SURNAME, ECNO, SHIFT FROM USERS ORDER BY USERNAME");
		
		while ($row = mssql_fetch_array($query)) {
			array_push($users, User::getUserFromArray($row));
		}
		
		mssql_free_result($query);
		
		return $users;
	}
	
	/*
	 * Obtains the user instance with the specified UID, or null,
	 * if the user does not exist.
	 */
	 public static function getUser($uid) {	 	
	 	$query = $GLOBALS["DB"] -> doQuery("SELECT UID, USERNAME, PASSWORD, ACCESSLEVEL, FIRSTNAME, ".
											"SURNAME, ECNO, SHIFT FROM USERS WHERE UID = $uid");
	 	
	 	$u = null;
	 	
	 	if ($row = mssql_fetch_array($query)) {
	 		$u = User::getUserFromArray($row);
	 	} 
	 
	 	mssql_free_result($query);
	 	
	 	return $u;
	 }
	 
	/*
	 * Updates the specified user in the database.  If the UID is 0, then
	 * the user is added.  Otherwise, an existing record is modified.
	 */
	 public static function updateUser($user) {	 
	 	$query = "";
	 	if ($user->uid == 0) {
	 		$query = 
	 			"INSERT INTO USERS(USERNAME, PASSWORD, ACCESSLEVEL, FIRSTNAME, SURNAME, ECNO, SHIFT) ".
				"VALUES ('$user->username', '$user->password', $user->accessLevel, '$user->firstName', ".
				"'$user->surname', '$user->ecno', '$user->shift');";
	 	} else {
	 		$query = 
	 			"UPDATE USERS SET PASSWORD='$user->password', ACCESSLEVEL='$user->accessLevel', ".
				"FIRSTNAME='$user->firstName', SURNAME='$user->surname', ECNO='$user->ecno', "
				."SHIFT='$user->shift' WHERE uid=$user->uid;";
	 	}
	 	
	 	$GLOBALS["DB"] -> doQuery($query);
	 }
	 
	 /*
	  * Deletes the user with the specified UID.
	  */
	 public static function deleteUser($uid) {
	 	$query = "DELETE FROM USERS WHERE UID=$uid;";
	 	
	 	$GLOBALS["DB"] -> doQuery($query);
	 }
	 
	 public static function authenticateUser($userName, $password) {
	 	$txtQuery = 
	 		"SELECT COUNT(UID) FROM USERS WHERE USERNAME='$userName' AND PASSWORD='$password' ".
	 		"AND (ACCESSLEVEL=1 OR ACCESSLEVEL=4)";
	 	
	 	$query = $GLOBALS["DB"] -> doQuery($txtQuery);
	 	
	 	$result = mssql_fetch_array($query);
	 	
	 	return $result[0];
	 }
	 
	 public static function getUserByName($userName) {
	 	$txtQuery = "SELECT UID, USERNAME, PASSWORD, ACCESSLEVEL, FIRSTNAME, SURNAME, ECNO, ".
					"SHIFT FROM USERS WHERE USERNAME='$userName'";
	 		
	 	$query = $GLOBALS["DB"] -> doQuery($txtQuery);
	 	
	 	if ($row = mssql_fetch_array($query)) {
	 		return User::getUserFromArray($row);
	 	} else {
	 		return null;
	 	}
	 }
	 
	
	/*
	 * Creates a user object based on the array representing a 
	 * user's database record.
	 */
	protected static function getUserFromArray($array) {
		$u = new User();
		
		$u->uid = $array[0];
		$u->username = $array[1];
		$u->password = $array[2];
		$u->accessLevel = $array[3];
		$u->firstName = $array[4];
		$u->surname = $array[5];
		$u->ecno = $array[6];
		$u->shift = $array[7];
		
		return $u;
	}
}

?>